By exploiting a wealth of user-specific data to improve user experiences, the Internet of Things (IoT) will revolutionize people’s lives in the decades ahead through such phenomena as smart cities, connected vehicles, smart homes, and connected healthcare devices. However, as we’ve witnessed with recent much-publicized data hacks, the sharing of such info can compromise users’ privacy. Now Professor Hossein Pishro-Nik of our Electrical and Computer Engineering Department (ECE) is the principal investigator (PI) on a $1-million grant from the National Science Foundation (NSF) to study this issue so critical to the adoption of the IoT. The new proposal is entitled “A Unified Framework for IoT Privacy.”

The proposal’s co-PIs are Professors Dennis Goeckel of ECE and Amir Houmansadr of the College of Information and Computer Sciences.

According to the NSF proposal abstract, Pishro-Nik’s project highlights an important and fundamental challenge critical to the science of cyber-physical systems: “Even if IoT data is carefully anonymized, significant privacy leaks can occur due to the sheer amount of the data generated and the use of powerful mathematical techniques by an adversary to match current behavior with traces of past user behavior.”

This project will develop a systematic approach to understand the fundamental underpinnings of privacy in IoT systems and develop verifiable private IoT implementations that are robust to uncertainties in the models.

As the three researchers write: “A key advantage of this approach, especially in the face of recent advances in algorithms and computation, is that it can achieve provable privacy; i.e., no algorithm can break the privacy of the user.”

The technical problems being considered in the project are organized into two main thrusts. In Thrust 1, the theoretical foundations for IoT privacy are built. Pishro-Nik and colleagues say that “The main goal is to obtain a fundamental understanding of the degree to which the utility of IoT approaches can be maintained while employing privacy-preserving mechanisms to provably prevent an adversary from compromising a user’s privacy by matching a given trace to prior user behavior.”

They add that “critical to this thrust is achieving robust and model independent design, i.e., achieving perfect privacy with the minimum sets of assumptions about the system and data models.”

In Thrust 2 – to validate the theory and demonstrate the potential impact of the approach – the project leverages the PI’s extensive domain expertise to apply the results of Thrust 1 in connected vehicle applications. “More generally, this will indicate the degree to which the data of a given user can be kept private from an interested adversary while still supporting the use of such services,” say Pishro-Nik and his fellow researchers.

Pishro-Nik’s research deals with communication systems and networks, sensor networks, error-control coding, information theory, signal processing for communications, data storage, algorithms, and security. He obtained his B.S. from Sharif University in Tehran, Iran, and his M.S. and Ph.D. from the Georgia Institute of Technology.

Among other honors, Pishro-Nik earned an NSF CAREER Award in 2009, the UMASS College of Engineering Outstanding Junior Faculty Award in 2009, and a Graduate Excellence Award and a CSIP Outstanding Research Award from the Georgia Institute of Technology in 2005. (October 2017)